24 matches found
USN-8429-1 fastnetmon vulnerabilities
It was discovered that FastNetMon incorrectly validated prefix lengths when decoding BGP NLRI data. A remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS and Ubuntu 26.04 LTS. CVE-2026-48686 It was...
Linux Distros Unpatched Vulnerability : CVE-2026-48694
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In...
Linux Distros Unpatched Vulnerability : CVE-2026-48687
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in...
CVE-2026-48694
FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...
DEBIAN-CVE-2026-48694
FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...
CVE-2026-48694
FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...
CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
DEBIAN-CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
UBUNTU-CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
FastNetMon 安全漏洞
FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain security vulnerabilities. These vulnerabilities stem from the lack of validation or cleaning of IP address variables in the...
FastNetMon 安全漏洞
FastNetMon is a high-performance DDoS detector/sensor developed by Pavel Odintsov, based on multiple packet capture engines. Versions of FastNetMon prior to 1.2.9 contain security vulnerabilities. These vulnerabilities stem from the log function in the Juniper router integration plugin, which doe...
EUVD-2026-31843
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
EUVD-2026-31948
FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...
CVE-2026-48694
FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...
CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
CVE-2026-48694
FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...
CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
CVE-2026-48694
FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the Juniper router integration plugin. In src/juniperplugin/fastnetmonjuniper.php, the $IPATTACK variable received from argv1 is directly interpolated into Juniper NETCONF set-configuration commands at...
CVE-2026-48694
CVE-2026-48694 affects FastNetMon Community Edition up to 1.2.9 via the Juniper router integration plugin. The vulnerability arises because the variable $IP_ATTACK (from argv[1]) is directly interpolated into NETCONF set-configuration commands without validation, allowing an attacker-controlled I...